One-Time Password Authentication

Last Updated: 08/09/2017


One-Time Password (OTP), a secure authentication system, provides an extra layer of security for confidential data and information by requiring a six-digit password that is only valid for one login. This password, generated approximately every 30 seconds, is provided to the customer by a hardware authenticator device and is required in combination with a user name and PIN.


In contrast to static passwords, one-time passwords are not vulnerable to malicious users recording or obtaining the user name and password to access the resource. Without the proper combination of user name, PIN, and one-time password, no one can gain access to secured resources.


  • Authenticator displaying a new password every 30 seconds
  • Web-interface for login using user name, PIN and one-time password

Related Policies

The Highly Confidential Security Standard (Section 7.c.)


  • Increased security
  • Access to CU Boulder Research Computing resources (as needed and assigned)


  • One-Time Password (OTP) is currently provided to previously-identified individuals as a common-good which means there is no direct cost to you or your department if part of this group.

Who can get it

  • OTP is currently available for research staff and faculty with permission to access the CU Research Computing resources.
  • If you are interested in using a two-factor authentication system like one-time password, please contact the IT Service Center.

How to get it

  • Order an Authenticator
  •  Pick up your Authenticator
    • Pick up your authenticator at the IT Service Center. Please remember to bring a Picture ID when you pick up your key.
    • If you cannot pick up your authenticator in person, contact the IT Service Center to make special arrangements.
    • Customers should contact the IT Service Center to deactivate their authenticator if they leave CU Boulder or will no longer use the service. Authenticators can be returned to the IT Service Center.